urlscan.io logo urlscan.io
SecurityTrails logo

rextester.com Open in urlscan Pro
92.204.4.78  Public Scan

Go To Rescan Add Verdict Report
URL: https://rextester.com/SWAT66620
Submission Tags: falconsandbox
Submission: On July 19 via api from US — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 7 countries across 27 domains to perform 79 HTTP transactions. The main IP is 92.204.4.78, located in Strasbourg, France and belongs to GD-EMEA-DC-SXB1, DE. The main domain is rextester.com. The Cisco Umbrella rank of the primary domain is 857165.
TLS certificate: Issued by ZeroSSL RSA Domain Secure Site CA on December 13th 2021. Valid for: a year.
This is the only time rextester.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
2 92.204.4.78 8972 (GD-EMEA-D...)
1 2 2a00:1450:400... 15169 (GOOGLE)
3 94.31.29.32 33438 (STACKPATH)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 172.217.18.2 15169 (GOOGLE)
1 167.99.117.8 14061 (DIGITALOC...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 185.255.84.151 200271 (IGUANE-)
1 178.250.0.165 44788 (ASN-CRITE...)
1 2602:803:c003... 26667 (RUBICONPR...)
1 51.89.9.254 16276 (OVH)
1 54.146.39.184 14618 (AMAZON-AES)
1 34.107.148.139 15169 (GOOGLE)
1 54.77.185.238 16509 (AMAZON-02)
1 72.251.249.13 29791 (VOXEL-DOT...)
3 185.89.210.90 29990 (ASN-APPNEX)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 35.241.34.106 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:2638:1::3 44788 (ASN-CRITE...)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 2a02:2638::1c 44788 (ASN-CRITE...)
1 178.250.0.157 44788 (ASN-CRITE...)
5 185.89.210.212 29990 (ASN-APPNEX)
12 13.32.121.95 16509 (AMAZON-02)
1 107.178.244.119 15169 (GOOGLE)
1 13.32.121.11 16509 (AMAZON-02)
2 23.35.236.188 16625 (AKAMAI-AS)
2 52.20.37.152 14618 (AMAZON-AES)
1 142.250.186.102 15169 (GOOGLE)
1 13.32.121.93 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
1 52.203.71.44 14618 (AMAZON-AES)
1 52.18.240.34 16509 (AMAZON-02)
79 39
2    92.204.4.78 (Strasbourg, France)

ASN8972 (GD-EMEA-DC-SXB1, DE)
PTR: vs242194.vs.hosteurope.de
rextester.com
2    2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ssl.google-analytics.com
3    94.31.29.32 (Islington, United Kingdom)

ASN33438 (STACKPATH, US)
PTR: 94.31.29.32.IPYX-077437-ZYO.above.net
cdn4.buysellads.net
1    2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
4    2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
securepubads.g.doubleclick.net
1    167.99.117.8 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
PTR: srv-us-ny-22.buysellads.com
srv.buysellads.com
2    2606:4700:20::681a:8a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
1    185.255.84.151 (Ivry-sur-Seine, France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
1    178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com
bidder.criteo.com
1    2602:803:c003:200::31 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
1    51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu
onetag-sys.com
1    54.146.39.184 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-39-184.compute-1.amazonaws.com
mantodea.mantisadnetwork.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    54.77.185.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-185-238.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
ap.lijit.com
3    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
1    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
1    35.241.34.106 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 106.34.241.35.bc.googleusercontent.com
c.4dex.io
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.fr
pagead2.googlesyndication.com
1    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:827::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
2    2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
4    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
3    2a02:2638::1c (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
5    185.89.210.212 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ams3-ib.adnxs.com
12    13.32.121.95 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-95.fra60.r.cloudfront.net
cdn.advanseads.com
1    107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 119.244.178.107.bc.googleusercontent.com
beacon.sojern.com
1    13.32.121.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-11.fra60.r.cloudfront.net
choices.truste.com
2    23.35.236.188 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-188.deploy.static.akamaitechnologies.com
cdn.adnxs.com
acdn.adnxs.com
2    52.20.37.152 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-37-152.compute-1.amazonaws.com
delivery.advanseads.com
1    142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net
ad.doubleclick.net
1    13.32.121.93 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-93.fra60.r.cloudfront.net
choices.trustarc.com
1    2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    52.203.71.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-71-44.compute-1.amazonaws.com
count.advanseads.com
1    52.18.240.34 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-240-34.eu-west-1.compute.amazonaws.com
tracker.book-secure.com
Apex Domain
Subdomains		 Transfer
15 advanseads.com
cdn.advanseads.com — Cisco Umbrella Rank: 14960
delivery.advanseads.com — Cisco Umbrella Rank: 17475
count.advanseads.com — Cisco Umbrella Rank: 12856
238 KB
10 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 128
198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 166
50 KB
10 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 257
secure.adnxs.com — Cisco Umbrella Rank: 436
ams3-ib.adnxs.com — Cisco Umbrella Rank: 6559
cdn.adnxs.com — Cisco Umbrella Rank: 1475
acdn.adnxs.com — Cisco Umbrella Rank: 623
61 KB
7 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 138
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 231
ad.doubleclick.net — Cisco Umbrella Rank: 217
140 KB
5 criteo.com
bidder.criteo.com — Cisco Umbrella Rank: 757
gum.criteo.com — Cisco Umbrella Rank: 410
mug.criteo.com — Cisco Umbrella Rank: 2434
8 KB
4 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2724
mp.4dex.io — Cisco Umbrella Rank: 3757
c.4dex.io — Cisco Umbrella Rank: 10288
25 KB
4 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 196
100 KB
3 google.com
www.google.com — Cisco Umbrella Rank: 17
adservice.google.com — Cisco Umbrella Rank: 103
2 KB
3 buysellads.net
cdn4.buysellads.net — Cisco Umbrella Rank: 16005
203 KB
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 649
57 KB
2 google.fr
www.google.fr — Cisco Umbrella Rank: 12638
adservice.google.fr — Cisco Umbrella Rank: 25180
1 KB
2 google-analytics.com
ssl.google-analytics.com — Cisco Umbrella Rank: 411
17 KB
2 rextester.com
rextester.com — Cisco Umbrella Rank: 857165
131 KB
1 book-secure.com
tracker.book-secure.com — Cisco Umbrella Rank: 239144
561 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 81
1 KB
1 trustarc.com
choices.trustarc.com — Cisco Umbrella Rank: 807
10 KB
1 truste.com
choices.truste.com — Cisco Umbrella Rank: 796
2 KB
1 sojern.com
beacon.sojern.com — Cisco Umbrella Rank: 5013
229 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 731
645 B
1 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2160
754 B
1 media.net
prebid.media.net — Cisco Umbrella Rank: 1409
904 B
1 mantisadnetwork.com
mantodea.mantisadnetwork.com — Cisco Umbrella Rank: 14104
338 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 849
360 B
1 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 549
1 KB
1 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4790
705 B
1 buysellads.com
srv.buysellads.com — Cisco Umbrella Rank: 18063
668 B
0 pubmatic.com Failed
hbopenbid.pubmatic.com Failed
79 27
Domain Requested by
12 cdn.advanseads.com secure.adnxs.com
delivery.advanseads.com
5 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
4 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
4 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
4 www.googletagservices.com cdn4.buysellads.net
198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
secure.adnxs.com
www.googletagservices.com
3 ams3-ib.adnxs.com secure.adnxs.com
cdn.adnxs.com
3 gum.criteo.com 1 redirects static.criteo.net
secure.adnxs.com
3 ib.adnxs.com cdn4.buysellads.net
acdn.adnxs.com
3 cdn4.buysellads.net rextester.com
2 delivery.advanseads.com cdn.advanseads.com
delivery.advanseads.com
2 secure.adnxs.com 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
secure.adnxs.com
2 static.criteo.net cdn4.buysellads.net
static.criteo.net
2 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com securepubads.g.doubleclick.net
2 script.4dex.io cdn4.buysellads.net
script.4dex.io
2 www.google.com 1 redirects tpc.googlesyndication.com
2 ssl.google-analytics.com 1 redirects rextester.com
2 rextester.com rextester.com
1 tracker.book-secure.com delivery.advanseads.com
1 count.advanseads.com delivery.advanseads.com
1 fonts.googleapis.com cdn.advanseads.com
1 acdn.adnxs.com 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
1 choices.trustarc.com choices.truste.com
1 ad.doubleclick.net www.googletagservices.com
1 cdn.adnxs.com secure.adnxs.com
1 choices.truste.com secure.adnxs.com
1 beacon.sojern.com secure.adnxs.com
1 mug.criteo.com
1 adservice.google.com securepubads.g.doubleclick.net
1 adservice.google.fr securepubads.g.doubleclick.net
1 c.4dex.io rextester.com
1 mp.4dex.io cdn4.buysellads.net
1 ap.lijit.com cdn4.buysellads.net
1 ads.servenobid.com cdn4.buysellads.net
1 prebid.media.net cdn4.buysellads.net
1 mantodea.mantisadnetwork.com cdn4.buysellads.net
1 onetag-sys.com cdn4.buysellads.net
1 fastlane.rubiconproject.com cdn4.buysellads.net
1 bidder.criteo.com cdn4.buysellads.net
1 hb-api.omnitagjs.com cdn4.buysellads.net
1 srv.buysellads.com cdn4.buysellads.net
1 www.google.fr rextester.com
1 stats.g.doubleclick.net 1 redirects
0 hbopenbid.pubmatic.com Failed cdn4.buysellads.net
79 43

This site contains links to these domains. Also see Links.

Domain
groups.google.com
www.patreon.com
Subject Issuer Validity Valid
rextester.com
ZeroSSL RSA Domain Secure Site CA		 2021-12-13 -
2022-12-13		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.buysellads.net
Sectigo RSA Domain Validation Secure Server CA		 2021-08-03 -
2022-09-03		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.buysellads.com
Sectigo RSA Domain Validation Secure Server CA		 2022-05-09 -
2023-06-09		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-06-07 -
2023-06-06		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2022-06-21 -
2023-07-21		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.mantisadnetwork.com
Amazon		 2021-10-14 -
2022-11-11		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2022-04-06 -
2023-05-04		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-06-27 -
2023-06-05		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
c.4dex.io
GTS CA 1D4		 2022-07-11 -
2022-10-09		 3 months crt.sh
*.google.fr
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.criteo.net
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-21 -
2022-09-23		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.advanseads.com
Go Daddy Secure Certificate Authority - G2		 2021-09-27 -
2022-09-24		 a year crt.sh
*.sojern.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-12-16 -
2023-01-16		 a year crt.sh
*.truste.com
Amazon		 2022-01-17 -
2023-02-15		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.trustarc.com
Amazon		 2022-05-17 -
2023-06-15		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-06-27 -
2022-09-19		 3 months crt.sh
*.book-secure.com
Gandi Standard SSL CA 2		 2022-01-25 -
2023-02-22		 a year crt.sh

This page contains 9 frames:

Primary Page: https://rextester.com/SWAT66620
Frame ID: 0EEE37A34F4E6C557A61AEB51E07321C
Requests: 34 HTTP requests in this frame

Frame: https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: C162D593C86610DE8DA3F6D637002F3E
Requests: 1 HTTP requests in this frame

Frame: https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 6ABDE8EC3C36789E6B149E1C993848A8
Requests: 19 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rextester.com
Frame ID: 8769B09691F24F580406F1F86FA24B46
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 738D29264ACF6E3F29EFD433B09112B6
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 696E1628BEC4941861126E6573D6EB53
Requests: 2 HTTP requests in this frame

Frame: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Frame ID: D18B64134D01646D43F6BF4C6C17CA4E
Requests: 16 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B11009375.223228466;dc_ver=90.265;sz=1x1;u_sd=1;gdpr=0;aucid=5661252073499655472;crid=265635628;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3756772999;ord=wr53cg;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Frextester.com%2F$0;xdt=1;crlt=T0.lNkVZd6;gcsr=m;stc=1;chaa=1;sttr=42;prcl=s
Frame ID: A3ACD8A301756CC17887DF6F294D8389
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Frame ID: AF7B7512428071ED18AE087CD40EE8C5
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

CJsk87uJKhsy7w7, C# - rextester

Detected technologies

Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

79
Requests

96 %
HTTPS

38 %
IPv6

27
Domains

43
Subdomains

39
IPs

7
Countries

1050 kB
Transfer

2908 kB
Size

17
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=722455506&utmhn=rextester.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CJsk87uJKhsy7w7%2C%20C%23%20-%20rextester&utmhid=1621143849&utmr=-&utmp=%2FSWAT66620&utmht=1658235381706&utmac=UA-15090815-2&utmcc=__utma%3D178476455.1619015751.1658235382.1658235382.1658235382.1%3B%2B__utmz%3D178476455.1658235382.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=582666845&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506 HTTP 302
  • https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506&slf_rd=1&random=2298636821
Request Chain 37
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=rextester.com&sn=ChromeSyncframe&so=0&topUrl=rextester.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=5mgnU3xqUmdvR0NCVytFQ0gzVU1GR2Y2cHEweVJFSmpQN1pwZkdpNENTT1RoT2Nqb1I1TlZTQ3huTElIekEybkNlTFpGTTJIWXBFRlBsNGplYzRXaDRqZ2h4Y1FKV2dwWXBBQnlEVFc5dUhUN1JrdUtqWTRCendIYkFWR3V0QlQ3azZkeGhBRXdJSmQwdnpJMGtrdDBkUUxDOXllNmtuTjVFRkhRdWE0UHZ0dkdMeFM2SW1pRGM4RWs0SnMxTmd0dVFQcEFoU0tmUC9iTzZqVHQ0VEZEN2lxZU5NT0FBZUFlblVGb0VxKzNaUlNJY0orU0x2ZFUrenRTNU94RE40Ym8xOTQvVXppSVN0RnBEeGhEQmdvUUFYWkhZQT09fA&cppv=2

79 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request SWAT66620
rextester.com/ 		284 KB
96 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rextester.com/SWAT66620
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.204.4.78 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
vs242194.vs.hosteurope.de
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2e71574c6d39f4478d57c1a2ade15474de6ac9871f9fa4bd5e50ee00ddf4eb97

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
98195
Content-Type
text/html; charset=utf-8
Date
Tue, 19 Jul 2022 12:56:40 GMT
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
jquery-latest.min.js
rextester.com/Scripts/ 		112 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rextester.com/Scripts/jquery-latest.min.js
Requested by
Host: rextester.com
URL: https://rextester.com/SWAT66620
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
92.204.4.78 Strasbourg, France, ASN8972 (GD-EMEA-DC-SXB1, DE),
Reverse DNS
vs242194.vs.hosteurope.de
Software
Microsoft-IIS/8.5 / ASP.NET
Resource Hash
2c6e0f0e40ee0c2dba52532421f6978b2861deb34e9a8271aa3aa9b52fc4be5c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/SWAT66620
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:40 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Jan 2022 09:04:12 GMT
Server
Microsoft-IIS/8.5
X-Powered-By
ASP.NET
ETag
"08ed5d95c13d81:0"
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
35461
ga.js
ssl.google-analytics.com/ 		45 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: rextester.com
URL: https://rextester.com/SWAT66620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
3917
date
Tue, 19 Jul 2022 11:51:04 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
17168
expires
Tue, 19 Jul 2022 13:51:04 GMT
rextester.js
cdn4.buysellads.net/pub/ 		574 KB
202 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Requested by
Host: rextester.com
URL: https://rextester.com/SWAT66620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
6c91463e24cbf9785b91af79d2f91d96d193d0f069be612101ad676528837b23

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:21 GMT
content-encoding
gzip
last-modified
Tue, 19 Jul 2022 12:51:36 GMT
server
NetDNA-cache/2.2
x-amz-request-id
0DEYJYS0A3TT2FXF
etag
W/"28dafdb160b6dc0f5dca27b542525ffb"
x-cache
HIT
content-type
application/javascript
cache-control
max-age=31104000
x-amz-id-2
xzrsntL10QKfOKIrkbO6UR6k7NMfmWTmxi/2JF/x9bj9HYt9lMl4diGWjHBY3j6XTs2jbcxCmQc=
expires
Fri, 14 Jul 2023 12:56:21 GMT
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ed23eedcffab565677aac0e6a13aa69b5a86b9bbb154a2be0018f2d23a308df

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
ga-audiences
www.google.fr/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=722455506&utmhn=rextester.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=CJsk87u...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506
  • https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506&slf_rd=1&random=2298636821
42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506&slf_rd=1&random=2298636821
Requested by
Host: rextester.com
URL: https://rextester.com/SWAT66620
Protocol
H2
Server
2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 12:56:22 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Jul 2022 12:56:21 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/html; charset=UTF-8
location
https://www.google.fr/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-15090815-2&cid=1619015751.1658235382&jid=582666845&_v=5.7.2&z=722455506&slf_rd=1&random=2298636821
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gpt.js
www.googletagservices.com/tag/js/ 		83 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
405acb6023cedd16e88981069ad5e3b7f167e0cf350af425b3b1244b7706d662
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28491
x-xss-protection
0
server
sffe
etag
"1277 / 201 of 1000 / last-modified: 1658228785"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 19 Jul 2022 12:56:21 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
369 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=1&rn=5.741049832511882
Requested by
Host: rextester.com
URL: https://rextester.com/SWAT66620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:21 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
4Z94KG6T7FPYY4SG
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
j5wJmxWsdMjMQQ0UqI3l+gF+L8kYVCKWhxd0DFKhWFVSnWmUcgnTc6BCghcxcBRZt5rHxB3S/90=
expires
Fri, 14 Jul 2023 12:56:21 GMT
acceptable.gif
cdn4.buysellads.net/ 		43 B
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn4.buysellads.net/acceptable.gif?ch=2&rn=5.741049832511882
Requested by
Host: rextester.com
URL: https://rextester.com/SWAT66620
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.31.29.32 Islington, United Kingdom, ASN33438 (STACKPATH, US),
Reverse DNS
94.31.29.32.IPYX-077437-ZYO.above.net
Software
NetDNA-cache/2.2 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:22 GMT
last-modified
Fri, 19 Jul 2019 16:45:51 GMT
server
NetDNA-cache/2.2
x-amz-request-id
4Z9DFDXNHET5NWAN
etag
"b4491705564909da7f9eaf749dbbfbb1"
x-cache
MISS
content-type
image/gif
cache-control
max-age=31104000
accept-ranges
bytes
content-length
43
x-amz-id-2
6Y6rhRX2mvCQPvs2TfUJKUxKwUUIoUtbzcc067ehBkuoVGcD55No79SZo+kEiqQIV4GYr0fYbw0=
expires
Fri, 14 Jul 2023 12:56:22 GMT
pubads_impl_2022071401.js
securepubads.g.doubleclick.net/gpt/ 		377 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
sffe /
Resource Hash
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:48:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
492
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131659
x-xss-protection
0
last-modified
Thu, 14 Jul 2022 08:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 19 Jul 2023 12:48:09 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		70 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=rextester.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
b3c8a48d116a26a0f6f4266bc38c2e3df5971a53dc8cffae9c7edfe05081eb1a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Jul 2022 12:56:21 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
69
x-xss-protection
0
expires
Tue, 19 Jul 2022 12:56:21 GMT
CEADP5QE.json
srv.buysellads.com/ads/ 		934 B
668 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://srv.buysellads.com/ads/CEADP5QE.json?forcebanner=458687&ignoretargeting=yes
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
167.99.117.8 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
srv-us-ny-22.buysellads.com
Software
//srv.buysellads.com /
Resource Hash
c92051548889239b680f82ccf1dda41686b27dc53439d864e77424287dfa9c55

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

access-control-allow-origin
*
date
Tue, 19 Jul 2022 12:56:22 GMT
content-encoding
gzip
server
//srv.buysellads.com
content-length
555
vary
Accept-Encoding
content-type
application/json; charset=utf-8
localstore.js
script.4dex.io/ 		483 B
973 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
781340
content-type
application/javascript
x-amz-request-id
txc6abd54ace594ae2a5b2f-00629f4bc7
x-amz-id-2
txc6abd54ace594ae2a5b2f-00629f4bc7
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tRCPH3Zl0Pjr13XKQao2OoLfKP3NHmoZir%2Bk14ZsDC5Lr9nG%2B2Ec0lqzV8rPftkLIofREhL8EdoP6DYyYVJUC9yF915fpsjHJgkoVEu8cW8FsNK6IBa8djQF3HLEgGJYoHsiRprGXmL5nfOo"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
72d39de3cac49bce-FRA
expires
Tue, 19 Jul 2022 13:26:22 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		356 B
705 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Frextester.com%2FSWAT66620&PublisherDomain=https%3A%2F%2Frextester.com
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 Ivry-sur-Seine, France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
a57f7a6c76b43c6ae5f6c979dcd1e8cd360e06db5721d1b059bce60c3aa7ca9d
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 12:56:22 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rextester.com
access-control-max-age
3600
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
185
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
356
expires
0
cdb
bidder.criteo.com/ 		18 B
311 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.43.0&cb=58837379731
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
bidder.par.vip.prod.criteo.com
Software
Finatra /
Resource Hash
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Jul 2022 12:56:21 GMT
content-encoding
gzip
server
Finatra
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rextester.com
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; preload;
timing-allow-origin
*
content-length
44
fastlane.json
fastlane.rubiconproject.com/a/api/ 		345 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18812&site_id=371750&zone_id=2030448&size_id=9&alt_size_ids=8&rp_schain=1.0,1!buysellads.com,856,1,,,&rf=https%3A%2F%2Frextester.com%2FSWAT66620&tg_i.pbadslot=8691100%2FRextester_S2S_Sidebar_ROS_ATF%23bsa-zone_1573677541197-0_123456&tk_flint=pbjs_lite_v4.43.0&x_source.tid=955ce82f-9737-4b4c-afe5-41445feae29f&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.27508272802315314
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c003:200::31 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0d7c10c7f5c284f077d20152445721b08a04036628fe637e506ecb24036ace5b

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:22 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://rextester.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
345
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip254.ip-51-89-9.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://rextester.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
display
mantodea.mantisadnetwork.com/prebid/ 		56 B
338 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mantodea.mantisadnetwork.com/prebid/display?tz=0&buster=1658235382305&secure=true&version=9&title=CJsk87uJKhsy7w7%2C%20C%23%20-%20rextester&url=https%3A%2F%2Frextester.com%2FSWAT66620&measurable=true&bids[0][bidId]=11fab065aa24729&bids[0][config][property]=618afaa2b05d000015cf6c50&bids[0][config][zone]=Rextester_S2S_Sidebar_ROS_ATF&bids[0][sizes][0][width]=160&bids[0][sizes][0][height]=600&bids[0][sizes][1][width]=120&bids[0][sizes][1][height]=600&property=618afaa2b05d000015cf6c50&foo
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.146.39.184 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-146-39-184.compute-1.amazonaws.com
Software
/ Express
Resource Hash
0483ebf3723ce75faa24b3235f0012b52eacc864edb8ea70534a5389d4341c22

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 12:56:22 GMT
x-powered-by
Express
etag
W/"38-XIOZym4cJeiimv7mgF1k42v4ink"
vary
Origin
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://rextester.com
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
expires
-1
prebid
prebid.media.net/rtb/ 		1 KB
904 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU18831I
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
add9f13f5a448474f76e5b841567592d87e885e46a781adbc65074b8c18ea1bf

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 12:56:22 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://rextester.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
clear
via
1.1 google
adreq
ads.servenobid.com/ 		1 KB
754 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4108
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.185.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-185-238.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ad6934160e7811f2b7311649cc072a9d0fab6e170b14270c02843b3c2317e5b6

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

date
Tue, 19 Jul 2022 12:56:22 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://rextester.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
bid
ap.lijit.com/rtb/ 		24 B
645 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_4.43.0
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
/
Resource Hash
66be27b692805dcb02d18017a446929b3b11181545457e2e72d0c02cf556db76

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Date
Tue, 19 Jul 2022 12:56:22 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://rextester.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap2ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
translator
hbopenbid.pubmatic.com/ 		0
0
prebid
ib.adnxs.com/ut/v3/ 		145 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
5a2d04f132fe18a2606b62dc286539ffb92272fd2913574b4eac833c1f29aac4
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:22 GMT
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
82d6f2f3-514b-4014-90f4-2cf850671d69
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://rextester.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
145
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
mp.4dex.io/ 		114 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2949815c9100abbd83905c82047450218f51598cf435500c05e9914b0fe25805

Request headers

Referer
https://rextester.com/
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
72d39de3c9b2404f-CDG
pragma
no-cache
date
Tue, 19 Jul 2022 12:56:22 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://rextester.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:8a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
947415
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
tx25362ae0c5ad4832932b3-00629f4c19
x-amz-id-2
tx25362ae0c5ad4832932b3-00629f4c19
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l0G3VWH3MvRo3DvR6hACZA42aBuHLFWenOdfAomYcAgmOY3bj44uboohBsux0oCRWOy8vp5c%2FFUJBNnjw8LTwNn9OisL9ntiH89tzU4TlWboM8y5zC3DHu44QKgWdoq7pAI1wpemtqI2bPGT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
72d39de45cdd9b64-FRA
access-control-allow-headers
Authorization
bids.gif
c.4dex.io/ 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.4dex.io/bids.gif?adu_code=bsa-zone_1573677541197-0_123456&evt=init&ts=1658235382490&pv_id=26ccb507-ad5c-4280-8194-a4da0c23d0c5&amts=ban&asizes=160x600%7C120x600&url=https%3A%2F%2Frextester.com%2FSWAT66620&auct_id=9fc7247d-647e-40d3-84ae-d882affe6581&auct_start=1658235382298&auct_end=-1&v=1&js_late=1&js_ts=&navs_ts=1658235380577&partid=2022071912&bidders=adyoulike%2Ccriteo%2Crubicon%2Conetag%2Cmantis%2Cmedianet%2Cnobid%2Csovrn%2Cpubmatic%2Cappnexus%2Cadagio&cpm=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cpm_adjst_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&net_rev=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cur_rate=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&ttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&bttr=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&sts=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&w=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&h=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&deal=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&timeout=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&won=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&no_bid=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&crea_id=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&mt=%2C%2C%2C%2C%2C%2C%2C%2C%2C%2C&cat=&dvc=2&env=desktop&org_id=1116&pgtyp=&plcmt=Rextester_S2S_Sidebar_ROS_ATF&site=Rextester-com&subcat=&os=windows&brwsr=chrome&u_ts=1658235382&adgjsv=1.15.0
Requested by
Host: rextester.com
URL: https://rextester.com/SWAT66620
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.34.106 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
106.34.241.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:22 GMT
via
1.1 google
server
nginx
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
-1
integrator.js
adservice.google.fr/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.fr/adsid/integrator.js?domain=rextester.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Jul 2022 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=rextester.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Jul 2022 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		20 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3284866998420991&correlator=4481347125636839&eid=44761477%2C31068367%2C31068502%2C42531606&output=ldjh&gdfp_req=1&vrg=2022071401&ptt=17&impl=fifs&iu_parts=8691100%2CRextester_S2S_Sidebar_ROS_ATF&enc_prev_ius=%2F0%2F1&prev_iu_szs=160x600%7C120x600&ifi=1&adks=1248755704&sfv=1-0-38&ecs=20220719&fsapi=false&prev_scp=optimize_ad_unit_id%3Dbsa-zone_1573677541197-0_123456%26optimize_inview%3Dfalse%26optimize_refresh_int%3D0&eri=1&cust_params=optimize_refreshed%3Dfalse%26optimize_acceptable%3Dfalse%26optimize_adl_debug%3Dfalse%26optimize_ctv_debug%3Dfalse%26optimize_debug%3Dfalse%26optimize%3Dtrue%26optimize_adl_id%3D%26optimize_amp%3Dfalse%26optimize_audience%3Ddev%26optimize_env%3Dprod%26optimize_pub%3Drextester%26optimize_xp%3Da&sc=1&cookie_enabled=1&abxe=1&dt=1658235384820&lmt=1658235384&dlt=1658235381501&idt=565&adxs=1429&adys=99&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Frextester.com%2FSWAT66620&frm=20&vis=1&psz=162x933&msz=160x0&fws=0&ohw=0&ga_vid=1619015751.1658235382&ga_sid=1658235382&ga_hid=1621143849&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
1fc15513886ad3f92fe98613537931ef9b0283ece47d6cc76d2ff6b6b67f4a76
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:24 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9797
x-xss-protection
0
google-lineitem-id
5320060794
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138305458998
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://rextester.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022071401&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f9de4b0e49d54cdd7df64e629fa7506e808d18f53a681ae25d79888c6a77b7c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Jul 2022 12:56:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11112
x-xss-protection
0
container.html
198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame C162 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 12:56:24 GMT
expires
Wed, 19 Jul 2023 12:56:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: cdn4.buysellads.net
URL: https://cdn4.buysellads.net/pub/rextester.js?1658235000000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:24 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:59:27 GMT
server
nginx
etag
W/"62c89aaf-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:56:24 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Jul 2022 12:56:25 GMT
container.html
198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6ABD 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022071401.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 12:56:24 GMT
expires
Wed, 19 Jul 2023 12:56:24 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
syncframe
gum.criteo.com/ Frame 8769 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=rextester.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-length
6144
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 12:56:24 GMT
server-processing-duration-in-ticks
2136
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
publishertag.prebid.js
static.criteo.net/js/ld/ 		87 KB
28 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
content-encoding
gzip
last-modified
Fri, 08 Jul 2022 20:59:27 GMT
server
nginx
etag
W/"62c89aaf-15b76"
strict-transport-security
max-age=31536000; preload;
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Wed, 20 Jul 2022 12:56:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 738D 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

accept-ranges
bytes
age
5116
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 11:31:09 GMT
expires
Wed, 19 Jul 2023 11:31:09 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 696E 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d06948024e81b1b23f475b4b37aa25f9127f3e49021bd1d9435ac5ab1cedbdd3
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-lbrm3lkmxK6-EvBbhT3PeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://rextester.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-lbrm3lkmxK6-EvBbhT3PeA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 12:56:25 GMT
expires
Tue, 19 Jul 2022 12:56:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
sid
mug.criteo.com/ Frame 8769
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=rextester.com&sn=ChromeSyncframe&so=0&topUrl=rextester.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=5mgnU3xqUmdvR0NCVytFQ0gzVU1GR2Y2cHEweVJFSmpQN1pwZkdpNENTT1RoT2Nqb1I1TlZTQ3huTElIekEybkNlTFpGTTJIWXBFRlBsNGplYzRXaDRqZ2h4Y1FKV2dwWXBBQnlEVFc5dUhUN1JrdUtqWTRCendIYkFWR3...
428 B
628 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=5mgnU3xqUmdvR0NCVytFQ0gzVU1GR2Y2cHEweVJFSmpQN1pwZkdpNENTT1RoT2Nqb1I1TlZTQ3huTElIekEybkNlTFpGTTJIWXBFRlBsNGplYzRXaDRqZ2h4Y1FKV2dwWXBBQnlEVFc5dUhUN1JrdUtqWTRCendIYkFWR3V0QlQ3azZkeGhBRXdJSmQwdnpJMGtrdDBkUUxDOXllNmtuTjVFRkhRdWE0UHZ0dkdMeFM2SW1pRGM4RWs0SnMxTmd0dVFQcEFoU0tmUC9iTzZqVHQ0VEZEN2lxZU5NT0FBZUFlblVGb0VxKzNaUlNJY0orU0x2ZFUrenRTNU94RE40Ym8xOTQvVXppSVN0RnBEeGhEQmdvUUFYWkhZQT09fA&cppv=2
Protocol
H2
Server
178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
aa74ac2be95a86a2948154dcd3405057382f91522449b8f25db15f97ea4fb226
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Jul 2022 12:56:24 GMT
content-encoding
gzip
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
4503
strict-transport-security
max-age=31536000; preload;
expires
0

Redirect headers

pragma
no-cache
date
Tue, 19 Jul 2022 12:56:24 GMT
strict-transport-security
max-age=31536000; preload;
content-type
text/html; charset=utf-8
location
https://mug.criteo.com/sid?cpp=5mgnU3xqUmdvR0NCVytFQ0gzVU1GR2Y2cHEweVJFSmpQN1pwZkdpNENTT1RoT2Nqb1I1TlZTQ3huTElIekEybkNlTFpGTTJIWXBFRlBsNGplYzRXaDRqZ2h4Y1FKV2dwWXBBQnlEVFc5dUhUN1JrdUtqWTRCendIYkFWR3V0QlQ3azZkeGhBRXdJSmQwdnpJMGtrdDBkUUxDOXllNmtuTjVFRkhRdWE0UHZ0dkdMeFM2SW1pRGM4RWs0SnMxTmd0dVFQcEFoU0tmUC9iTzZqVHQ0VEZEN2lxZU5NT0FBZUFlblVGb0VxKzNaUlNJY0orU0x2ZFUrenRTNU94RE40Ym8xOTQvVXppSVN0RnBEeGhEQmdvUUFYWkhZQT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
1926
content-length
541
expires
0
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6ABD 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
URL: https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sat, 16 Jul 2022 18:55:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
237676
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Sun, 16 Jul 2023 18:55:09 GMT
ttj
secure.adnxs.com/ Frame 6ABD 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?id=18678115&size=120x600&cb=1075836691&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
URL: https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
252c29ef62b802327c45deee24d6928edb38c5a3369ccc4d29a54ae3b9584acb
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:25 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
1e4ef33d-a22f-4ef2-b183-75d2a74cfb50
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 6ABD 		137 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
URL: https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
43203
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1658144321100200"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 19 Jul 2022 12:56:25 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 6ABD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw&sai=AMfl-YTuwv6BUyMekXqPlPW2SWjVnhxcauvz1sKa2ISCifXA3D7LAvLVTYrQu6SArsFsLJf2lkcLy-IKMPvZsGwtMCXZmIn1oRjDUSaWqH0q0Wox7yWfeq51SOd15yell-E&sig=Cg0ArKJSzLPU0d0jfr29EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
URL: https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Jul 2022 12:56:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 19 Jul 2022 12:56:25 GMT
x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
pagead2.googlesyndication.com/bg/ Frame 738D 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/x-7aydTzyDGf5pB5jP33n95ytuiMcqG17W4hZ3yQxPE.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 11:25:57 GMT
content-encoding
br
x-content-type-options
nosniff
age
5428
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13770
x-xss-protection
0
last-modified
Fri, 01 Jul 2022 16:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Wed, 19 Jul 2023 11:25:57 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 696E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022071401&jk=3284866998420991&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
sync
gum.criteo.com/ Frame 6ABD 		51 B
376 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=30&r=2&j=cr_handle_data_a
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=120x600&cb=1075836691&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
/
Resource Hash
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
2896
strict-transport-security
max-age=31536000; preload;
content-length
169
expires
60
ttj
secure.adnxs.com/ Frame 6ABD 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ttj?ttjb=1&bdc=1658235385&bdh=n0mPiUBTM1CD64l9aLOIoMg_hLA.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1075836691&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?id=18678115&size=120x600&cb=1075836691&pubclick=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
89a6fec31829f46f8d5e017f4c8a82e48347794c88c9fdcd6cbbe33eaf436730
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:25 GMT
Content-Encoding
gzip
X-Creative-ID
265635628
Transfer-Encoding
chunked
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
017beb94-e0bc-43e2-89c2-8f95a5afe078
Server
nginx/1.21.3
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
generate_204
tpc.googlesyndication.com/ Frame 738D 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?_95jQA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
adv_jstag_2.js
cdn.advanseads.com/content_server/1.0/ Frame 6ABD 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1658235385&bdh=n0mPiUBTM1CD64l9aLOIoMg_hLA.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1075836691&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
70f7b6feaec4f65bae5e9eab6f60dbd1f08a96b90227a8559335e7be3d282a09

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:05 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:38 GMT
Server
AmazonS3
Age
21
ETag
"faa964e28f5638cb3347152539ccf7b9"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
4214
X-Amz-Cf-Id
gQWg8Natb7hXwKQ79r41EKMpJs73aYu4zbQoECEpbp87wETq4xFISA==
dcmads.js
www.googletagservices.com/dcm/ Frame 6ABD 		23 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/dcmads.js
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1658235385&bdh=n0mPiUBTM1CD64l9aLOIoMg_hLA.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1075836691&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2880
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8749
x-xss-protection
0
last-modified
Wed, 29 Jun 2022 21:33:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Tue, 19 Jul 2022 13:08:25 GMT
apn
beacon.sojern.com/imp/ Frame 6ABD 		42 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.sojern.com/imp/apn?auc=5661252073499655472&cr=265635628&seg=&st=0&bp=0.0105&pp=0.0105&aaid=&idfa=&ord=350976769
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1658235385&bdh=n0mPiUBTM1CD64l9aLOIoMg_hLA.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1075836691&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
119.244.178.107.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
via
1.1 google
p3p
policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
vary
Accept-Encoding
content-type
image/gif
ca
choices.truste.com/ Frame 6ABD 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=350976769&sz=120x600&js=st_dapp
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1658235385&bdh=n0mPiUBTM1CD64l9aLOIoMg_hLA.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1075836691&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.11 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-11.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
content-length
918
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 857b0dca772798c338c78a1be69c955c.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
7rBeLm_YyHJevRuSDbTqgTQBZVBcVolYrEwU-ZWCVKkkskxiy4Eg8w==
expires
Mon, 26 Jul 1997 05:00:00 GMT
it
ams3-ib.adnxs.com/ Frame 6ABD 		0
817 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%3A%2F%2Frextester.com%2F&e=wqT_3QKnEPBMJwgAAAMA1gAFAQj509qWBhCw-o_HwtizyE4Y6auJ3eOc8MgZKjYJGi_dJAaBhT8R0MsolltafT8ZAAAAgD0Ktz8h0MsolltafT8pGi8JJNAxAAAAQOF6hD8w44L0CDjKQUDqP0gCUKyO1X5YmNVSYABo69yaAXiJ9gWAAQGKAQNVU0SSAQEG8ECYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA6gGQBWh0dHBzJTNBJTJGJTJGYWRjbGljay5nLmRvdWJsZQkOLG5ldCUyRnBjcyUyRgUSHCUyNTNGeGFpAQj0KwVEQUtBT2pzdDVHUkRyeDJCd0U1TW9aZi1sUFYtRzFxX05DQUNBeTI4T2FXbVhQalMtSmVSUWpJWTJoaGdkRGRSWVFaSGdWUUpmZ2FacTFRakdJYWZfdDdVcU5NQWIxanZxMmt2ZzRrNjZMbEtmV08zbGExTGE5dFBfOWQ5SWs3elJod1JOd250aDZ1d0RWYkNmdF9TVEZMNGdDa19vYkhLUjJyVVJVWHRCVXlHcXh6blpyVlRXSVExUzl1MEtVYndiVUZMMGhKNWk1VEVZOXhybVFlMWlWclI4bDlJQ08yMXBCclVmd2FzR09aNVlQd3BySk9QZGhoRUxWUE15N2pfeXVNVkVjaXRJcWthX2Y4Tml3dlJ6cnFBYzNITjdRU2hLMU9ic3RZMDYzMlBpOGstMmdJRTI5d1JlaE5PeFhZWGR1d01UMERwZDdxbVgtSkM0Z0xGdyUyNTI2c2FpJTI1M0RBTWZsLVlSUUYtNmI0d2EyQ0JtaWlQWFZJSElseXhoblBwZHRFUnFIREhXZktQbHZnUGllZHIxM3RqY082bW1MZ3VndHhpMUVsSHJqdFdHQjZPV0RQdzNUbzllTkdpSHk2enBGZlYwekZ6ZWQxVDZXZnh2RXcwaHg0R2Z0a1ZRYkJDayUyNTI2c2lnJTI1M0RDZzBBcktKU3pOREJYd3BYanR4WkVBRSUyNTI2ZmJzX2FlaWQlMjUzRCUyNTVCZ3dfZmJzYWVpZCUyNTVEJTI1MjZ1cmxmaXglMjUzRDElMjUyNmFkdXJsJTI1M0TwAQCKApUBdWYoJ2EnLCAyOTM3MTExLCAxNjU4MjM1Mzg1KTt1ZignaScsIDQ4MTQ5MjIsIDE2NTgyMzUzODUpO3VmKCdnJywgMTI2OTI1MTAsIDE2NTgyMzUzODUpO3VmKCdjJywgNDUzNDI0MjAsIDE2NTgyMzUzODUpO3VmKCdyJywgMjY1NjM1NjI4LCAxNjU4MjM1Mzg1KTuSAsUEIXRuRHVfQWpVdmM4VkVLeU8xWDRZQUNDWTFWSXdBRGdBUUFCSTZqOVE0NEwwQ0ZnQVlLRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhIWGZuajBJQ0ZQOEVCeDEzNTQ5Q0FoVF9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQnl2Q2xBdlVCemN6TVBaZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSURGd2pjeDhBVUVBSVlBUzBBQUFBQU1nZGtaV1poZFd4MHVnTUpRVTFUTXpvMk1USTI0QVBxTG9BRV9hN0VCSWdFemRmSUJKQUVBWmdFQWJvRUdnaUZCQkVBQUFBQUFBRFFQeGtBQUFBQUFBQUFBQ0NDeG9zT3dRUUFBQUFBQUFEUVA4a0VBQUFBQUFBQUFBRFlCQUR4QkFBQUFBQUFBQUFBaUFYdUw2a0ZBQUFBQUFBQThELXhCUUFBQUFBQUFBQUF3UVdhbVptWm1abTVQOGtGQUFBQVFBVGh1al9SQlFBQUFBQUFBQUFBMlFVQUFBQUFBQUR3UC1BRm1nandCWjdZaGdiNEJaZWlzd0dDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCcHFabVptWm1ia19xQVlFc2dZa0NRQUFBQUFBQUFBQUVRQUFBQUFBQUFBQUdRQUFBQUFBQUFBQUlRQUFBQUFBASmodUFZS5oClQEhVHhZOVFnalV2YzhWRUt5TzFYNFltTlZTSUFBb0FER2FtWgUCWDVQem9KUVUxVE16bzJNVEkyUU9vdVNRAUsYQUFBUEFfVREMDEFBQVcdDABZEQwMTkFfYREMDEFBQWMdDBBlQUNKQREQNFBBX9gCAOACn_A_6gIWxRnw7TovL3JleHRlc3Rlci5jb20vgAMAiAMBkAMAmAMZoAMBqgMAwAOsAsgDANgDzZmnAeADAOgDAPgDAYAEAJIEBC90dGqYBACiBA4xNzguMzMuMTQ0LjE3OagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjgxNzAjQU1TMzo2MTI22gQCCAHgBADwBKyO1X6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXcsBb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG6CnaBhYKEAAAAAAFNw0BAZtM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCbUwqy5AAMgHifYF0gcNCQ03BTgI2gcGCSdo4AcA6gcCCADwB7nbAooIAhAAlQgAAIA_mAgB&s=ca8a946d1fb247ee40cfbe0c1aa6e574039bd9f3
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1658235385&bdh=n0mPiUBTM1CD64l9aLOIoMg_hLA.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1075836691&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:25 GMT
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
fd8cbd32-cf44-4037-93ed-20d6e0ca69db
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
trk.js
cdn.adnxs.com/v/s/224/ Frame 6ABD 		85 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/224/trk.js
Requested by
Host: secure.adnxs.com
URL: https://secure.adnxs.com/ttj?ttjb=1&bdc=1658235385&bdh=n0mPiUBTM1CD64l9aLOIoMg_hLA.&&bdref=https%3A%2F%2Frextester.com%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Frextester.com%2F,https%3A%2F%2F198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html&&id=18678115&size=120x600&cb=1075836691&pubclick=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%2526sai%253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%2526sig%253DCg0ArKJSzNDBXwpXjtxZEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 24 Feb 2022 08:58:20 GMT
Server
AkamaiNetStorage
ETag
"80cd3e09497c9fa4207d756c9d41697c:1645693100.060631"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*, *
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29216
Expires
Wed, 19 Jul 2023 12:56:25 GMT
ifr.php
delivery.advanseads.com/1.0/ Frame D18B 		60 KB
60 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Requested by
Host: cdn.advanseads.com
URL: https://cdn.advanseads.com/content_server/1.0/adv_jstag_2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.37.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-37-152.compute-1.amazonaws.com
Software
/
Resource Hash
7ec93ed936c25021a5d9b2556bbe9368be98479a6f30155eb83783066cb920b0

Request headers

Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

content-type
text/html
date
Tue, 19 Jul 2022 12:56:25 GMT
impl_v90.js
www.googletagservices.com/dcm/ Frame 6ABD 		54 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/dcm/impl_v90.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Sun, 17 Jul 2022 18:25:01 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
153084
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21331
x-xss-protection
0
last-modified
Mon, 27 Jun 2022 13:07:10 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-dcm-tag"
vary
Accept-Encoding
report-to
{"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 17 Jul 2023 18:25:01 GMT
B11009375.223228466;dc_ver=90.265;sz=1x1;u_sd=1;gdpr=0;aucid=5661252073499655472;crid=265635628;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7B...
ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/ Frame A3AC 		26 B
529 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.doubleclick.net/ddm/adi/N163801.279382BIDMANAGER_DFASITE/B11009375.223228466;dc_ver=90.265;sz=1x1;u_sd=1;gdpr=0;aucid=5661252073499655472;crid=265635628;ioid=%24%7BINSERTION_ORDER_ID%7D;liid=%24%7BCAMPAIGN_ID%7D;segid=%24%7BPIXEL_ID_COMMA%7D;srcid=%24%7BSOURCE_URL%7D;dc_adk=3756772999;ord=wr53cg;click=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.;dc_rfl=1,https%3A%2F%2Frextester.com%2F$0;xdt=1;crlt=T0.lNkVZd6;gcsr=m;stc=1;chaa=1;sttr=42;prcl=s
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v90.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f6.1e100.net
Software
cafe /
Resource Hash
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
23
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Tue, 19 Jul 2022 12:56:25 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
ca
choices.trustarc.com/ Frame 6ABD 		27 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://choices.trustarc.com/ca?sz=120x600&c=350976769&cid=0&aid=sojern02_d&pid=sojern01&js=pmw0
Requested by
Host: choices.truste.com
URL: https://choices.truste.com/ca?pid=sojern01&aid=sojern02_d&cid=0&c=350976769&sz=120x600&js=st_dapp
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.93 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-93.fra60.r.cloudfront.net
Software
nginx /
Resource Hash
4b735eb18b944ca2d24de3f7c50e1789c0aa2586b1f955f88e45525b738ce392
Security Headers
Name Value
Content-Security-Policy default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
FRA60-P1
cross-origin-embedder-policy
unsafe-none
x-cache
Miss from cloudfront
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding, Origin
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
origin
server
nginx
cross-origin-opener-policy
unsafe-none
x-frame-options
SAMEORIGIN
expect-ct
max-age=31536000
strict-transport-security
max-age=31536000; includeSubDomains
content-type
text/javascript;charset=UTF-8
via
1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
permissions-policy
geolocation=(), microphone=(), payment=()
content-security-policy
default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
x-amz-cf-id
LhFsO-aQ3hxlVO2zAI7ZRtE97MwmnUkojOWjfrAyi8-ZFDLvUYxS5g==
expires
Mon, 26 Jul 1997 05:00:00 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame AF7B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Requested by
Host: 198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
URL: https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.188 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-188.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Tue, 19 Jul 2022 12:56:25 GMT
ETag
"623de86a-cf34"
Expires
Wed, 20 Jul 2022 12:56:27 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
view
securepubads.g.doubleclick.net/pcs/ Frame 6ABD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst9hv923-jeYpuTuY-Wq4YMgRv-TYHc2Z0e28vYiVyqb2Di5_cuXHlny4BJnC1tuINMB-E7kot858e8kZSZc18BfluRdWzQA06E7IbEQz7k4wAGRjCsemUYY8VGyVGXdUjiZgTuTDmdH66cOtvD68aVO2HqAE1fuwj-D1j5nsoAG0mW3wCj0udwey0VRwSFuf1pXbODCiaUbnBrO2sNtPJR1xY5aJ50soOmmzGb4VtvYeNVc_Sm9x6kEgWeYS-iIeUasPyHRHcsVFABcMMCldJTtSM-9gZp_52Cyjnd0SmA9mmSz3fQn8a4FypQhKTaKkcjhB4G-_Lek13012s&sai=AMfl-YTIqVl1sddUk31bz7Encg1e4GVkzi5g-XumCPDiLV_STI2v89lmK_FQ_-rL4m17Z5H7o5chPiDGDcHU7ZZgeQ_VT_ANePJ5sLxTfi3Z8zi-0fWPYrykrXAVE4ipOh4&sig=Cg0ArKJSzBo67aQEFrW8EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.18.2 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s22-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Jul 2022 12:56:25 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Tue, 19 Jul 2022 12:56:25 GMT
truncated
/ Frame 6ABD 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a5dc5a37429ab0c85d061812b6ae3bbffe1a77605ce106b162dc253abba9e51c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Content-Type
image/png
vevent
ams3-ib.adnxs.com/ Frame 6ABD 		0
888 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Frextester.com%2F&e=wqT_3QKnEPBMJwgAAAMA1gAFAQj509qWBhCw-o_HwtizyE4Y6auJ3eOc8MgZKjYJGi_dJAaBhT8R0MsolltafT8ZAAAAgD0Ktz8h0MsolltafT8pGi8JJNAxAAAAQOF6hD8w44L0CDjKQUDqP0gCUKyO1X5YmNVSYABo69yaAXiJ9gWAAQGKAQNVU0SSAQEG8ECYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA6gGQBWh0dHBzJTNBJTJGJTJGYWRjbGljay5nLmRvdWJsZQkOLG5ldCUyRnBjcyUyRgUSHCUyNTNGeGFpAQj0KwVEQUtBT2pzdDVHUkRyeDJCd0U1TW9aZi1sUFYtRzFxX05DQUNBeTI4T2FXbVhQalMtSmVSUWpJWTJoaGdkRGRSWVFaSGdWUUpmZ2FacTFRakdJYWZfdDdVcU5NQWIxanZxMmt2ZzRrNjZMbEtmV08zbGExTGE5dFBfOWQ5SWs3elJod1JOd250aDZ1d0RWYkNmdF9TVEZMNGdDa19vYkhLUjJyVVJVWHRCVXlHcXh6blpyVlRXSVExUzl1MEtVYndiVUZMMGhKNWk1VEVZOXhybVFlMWlWclI4bDlJQ08yMXBCclVmd2FzR09aNVlQd3BySk9QZGhoRUxWUE15N2pfeXVNVkVjaXRJcWthX2Y4Tml3dlJ6cnFBYzNITjdRU2hLMU9ic3RZMDYzMlBpOGstMmdJRTI5d1JlaE5PeFhZWGR1d01UMERwZDdxbVgtSkM0Z0xGdyUyNTI2c2FpJTI1M0RBTWZsLVlSUUYtNmI0d2EyQ0JtaWlQWFZJSElseXhoblBwZHRFUnFIREhXZktQbHZnUGllZHIxM3RqY082bW1MZ3VndHhpMUVsSHJqdFdHQjZPV0RQdzNUbzllTkdpSHk2enBGZlYwekZ6ZWQxVDZXZnh2RXcwaHg0R2Z0a1ZRYkJDayUyNTI2c2lnJTI1M0RDZzBBcktKU3pOREJYd3BYanR4WkVBRSUyNTI2ZmJzX2FlaWQlMjUzRCUyNTVCZ3dfZmJzYWVpZCUyNTVEJTI1MjZ1cmxmaXglMjUzRDElMjUyNmFkdXJsJTI1M0TwAQCKApUBdWYoJ2EnLCAyOTM3MTExLCAxNjU4MjM1Mzg1KTt1ZignaScsIDQ4MTQ5MjIsIDE2NTgyMzUzODUpO3VmKCdnJywgMTI2OTI1MTAsIDE2NTgyMzUzODUpO3VmKCdjJywgNDUzNDI0MjAsIDE2NTgyMzUzODUpO3VmKCdyJywgMjY1NjM1NjI4LCAxNjU4MjM1Mzg1KTuSAsUEIXRuRHVfQWpVdmM4VkVLeU8xWDRZQUNDWTFWSXdBRGdBUUFCSTZqOVE0NEwwQ0ZnQVlLRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhIWGZuajBJQ0ZQOEVCeDEzNTQ5Q0FoVF9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQnl2Q2xBdlVCemN6TVBaZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSURGd2pjeDhBVUVBSVlBUzBBQUFBQU1nZGtaV1poZFd4MHVnTUpRVTFUTXpvMk1USTI0QVBxTG9BRV9hN0VCSWdFemRmSUJKQUVBWmdFQWJvRUdnaUZCQkVBQUFBQUFBRFFQeGtBQUFBQUFBQUFBQ0NDeG9zT3dRUUFBQUFBQUFEUVA4a0VBQUFBQUFBQUFBRFlCQUR4QkFBQUFBQUFBQUFBaUFYdUw2a0ZBQUFBQUFBQThELXhCUUFBQUFBQUFBQUF3UVdhbVptWm1abTVQOGtGQUFBQVFBVGh1al9SQlFBQUFBQUFBQUFBMlFVQUFBQUFBQUR3UC1BRm1nandCWjdZaGdiNEJaZWlzd0dDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCcHFabVptWm1ia19xQVlFc2dZa0NRQUFBQUFBQUFBQUVRQUFBQUFBQUFBQUdRQUFBQUFBQUFBQUlRQUFBQUFBASmodUFZS5oClQEhVHhZOVFnalV2YzhWRUt5TzFYNFltTlZTSUFBb0FER2FtWgUCWDVQem9KUVUxVE16bzJNVEkyUU9vdVNRAUsYQUFBUEFfVREMDEFBQVcdDABZEQwMTkFfYREMDEFBQWMdDBBlQUNKQREQNFBBX9gCAOACn_A_6gIWxRnw7TovL3JleHRlc3Rlci5jb20vgAMAiAMBkAMAmAMZoAMBqgMAwAOsAsgDANgDzZmnAeADAOgDAPgDAYAEAJIEBC90dGqYBACiBA4xNzguMzMuMTQ0LjE3OagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjgxNzAjQU1TMzo2MTI22gQCCAHgBADwBKyO1X6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXcsBb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG6CnaBhYKEAAAAAAFNw0BAZtM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCbUwqy5AAMgHifYF0gcNCQ03BTgI2gcGCSdo4AcA6gcCCADwB7nbAooIAhAAlQgAAIA_mAgB&s=ca8a946d1fb247ee40cfbe0c1aa6e574039bd9f3&type=nv&nvt=5&jm=1140|1141|1003&px=0&py=0&bw=120&bh=600&sid=5073356491954961361&vd=ct~0|rr~0&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=18678115&sw=1600&sh=1200&pw=120&ph=622&ww=120&wh=600&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:25 GMT
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
1800c696-a5cb-4a6d-8c87-1eb702a5b756
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
agile_carousel.css
cdn.advanseads.com/dnaFiles/js/agile_carousel_1.1/ Frame D18B 		9 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/agile_carousel_1.1/agile_carousel.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a9af85c75793307e7639f72812b5f35ff45721624d043a7be27441e02c1103cd

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:55:44 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:40 GMT
Server
AmazonS3
Age
42
ETag
"2acfd1782b95af78fee3dc210ad4f6a7"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
1958
X-Amz-Cf-Id
5eIcg-NGeKngiwkYzTXRm8aT_wzqznPzQSgX74Pcy7xnTZuPmFAplA==
jquery-ui.css
cdn.advanseads.com/dnaFiles/js/ Frame D18B 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery-ui.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d50ae1c9b63b678c6cdaa47ec3338db2527874e314cf919606cbd542e25b2763

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:55:37 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:41 GMT
Server
AmazonS3
Age
49
ETag
"d0d2ed037245572e628bfe83ba7a6f3d"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
3696
X-Amz-Cf-Id
FAbN0l64Cdyts1uIbsEKUhhSXJ5RiYD1dhkADxh5cxlJNGRgtyf0Tw==
jquery.min.js
cdn.advanseads.com/dnaFiles/js/ Frame D18B 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery.min.js?v=1658206599699
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:19 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:41 GMT
Server
AmazonS3
Age
29
ETag
"5bcf32c2acb8a559cdca220b431432f5"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
33409
X-Amz-Cf-Id
29P4N0oZiOTqFB6ZAS0ZtF42vY6xAHrtRjf8jDg4hsgF8SBrj9rzVA==
jquery-ui.min.js
cdn.advanseads.com/dnaFiles/js/ Frame D18B 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/jquery-ui.min.js?v=1658206599699
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5160f8e7cf65486d4ef7ac14e03e5f5ae69449527b99fe4ea4634bd829e9ef8f

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:04 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:41 GMT
Server
AmazonS3
Age
22
ETag
"1079e6435c8168074966fce1c9e16ade"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6b17c6258978715ba0681e1d5589502c.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
7065
X-Amz-Cf-Id
740t9i-R_Y0M4ms8CNAWlfL0ZpP48jzIval8tagBjCJi8Kd3vLChSg==
html_render_v4.min.js
cdn.advanseads.com/dnaFiles/js/ Frame D18B 		258 KB
40 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/html_render_v4.min.js?v=1658206599699
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3ea3c755accaba5448c5d6a0414ae0cb437af0162726f382f66556c7b80152a0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:04 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:40 GMT
Server
AmazonS3
Age
22
ETag
"3e097e84cd6eb34dcef0dfde30a54585"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
40602
X-Amz-Cf-Id
YZEtUJISo6AaIwOeQjQYes1DV7J9UD1o6sj5iSlyaxkAnMKSpT3n2g==
slick.css
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame D18B 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:55:56 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:41 GMT
Server
AmazonS3
Age
37
ETag
"2405b6c50161ec76667b238661153391"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 bc0a0f9f99d36a68240a31a25e39addc.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
562
X-Amz-Cf-Id
Mu6HtXu9GuWT4e36ZqC97yoWTl143wVNg3uLxwpu-IB_V0tqLz7P2Q==
slick-theme.css
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame D18B 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick-theme.css
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b912f9dcae358b9ef7e2d6b1f368eeabe05d17af890ff48ce0820e9facbc9fe7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:55:40 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:41 GMT
Server
AmazonS3
Age
46
ETag
"4318ed53c9a1c6152a5d81b1a8d82b64"
X-Cache
Hit from cloudfront
Content-Type
text/css
Via
1.1 8eee0c5143f92bd7600d25e3dc25ce5e.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
858
X-Amz-Cf-Id
8Bd7kD3AxS9Mq6CO1tmBYZRs46gPDjbA2nbKA9EdsPQDJ6H5EmLPXQ==
slick.js
cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/ Frame D18B 		64 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/js/slick-1.4.1/slick/slick.js
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a8e91147663e766b9d516e4b7fd39f21685b1866829dd58595a997463a3d1b24

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:55:31 GMT
Content-Encoding
gzip
Connection
keep-alive
Last-Modified
Wed, 13 Jul 2022 16:21:41 GMT
Server
AmazonS3
Age
55
ETag
"c69b00724bbcaecf9aebcbb69d1abd70"
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Via
1.1 6fd3ab2be93b19c970fb371964d46d94.cloudfront.net (CloudFront)
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
10898
X-Amz-Cf-Id
22fo-g0nFWEQJuKzEqWU8ZNNw8_wybw5C_IcFghwF8ScohYdQdJ-5Q==
async_usersync
ib.adnxs.com/ Frame AF7B 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:25 GMT
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
6230506b-48c7-4277-af09-07b3e7d03cc9
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022071401&jk=3284866998420991&bg=!EBOlE1fNAAaYcLjmuHA7ACkAdvg8WkYf8SqIz0vw8HbmGOkF-07unrc80tuBWp8vIy4lOAKoTRfLTQIAAABJUgAAAAJoAQcKAD-DrLyTdpYq4fxYaHQOsn-8heV99LAwcrMLRQQjUnFjbpVj7vSDMTy512KmrJRWOKhu_H7GoX3BN9i-ZtWS8nqZAqEXZCNhfmEWSZbMZaQRqz_6WQiRULb9ptNxlJosdciBoKTV_L5mJ1Q9DFbhuAsEWw3hdSA3nYAGKsbhXXJBxk8hiARvq9lT-Y1Z6ISbPcd4Oc7fw75uBqMDjW1tAlDxFZM-HUho9ueTaRifg-OjK4sdd-HO4a2HsZZGfXuN8yqP3y_tzd14fUHcx1roXTcxR8DKLeT2q5pqG5kdySKhutqwfmqo-RgcgaHzzPxqOe9YdqCVCk9dGL5Xw2uz9qmdqQyNFi1_R4-PXaxnSXuul-dXY26tn3Gcg2t2JRVqMayB8rXXmEg9lBfpE_MhDpTNYfimNugMK4QJzB4GFDfIWwDj1AK5RkT70PEOlHtzGDBC8Yeq_vZD4k9yX0wMsvYBWYwi-f-8el7kQUWSR_V9-g2N91cNWqI4TjkZiSwRcAKvRksNsj9rEOwkBXYDwvsDN0lIpm0lTepEdRX0O66OFpwac-qTyJa2er5_B4lDJOxGIVlXV-IhV_kluIhPruSQUd982D43vJjhVusysHv5sJ86sCKxy_6oYudnXw7wMh4HP8kQbqzdf-fN8L-gWVz1TfIVISO7VWSQ6l8MdXrKLubqxoQ2x-UttR4F6SW1ecGBfVhvHGnd2xQPmrhESs3L6S-w1oC3hmQDZMlHEw4BVtYmhu4SUl485w1smAaOpPWufTWliXj6MdSZSL-C0rs2xt_KEtH8v2w29QTA8bar9iB8hRONUaAznrAFY3I6JpdTCaJ2b_ZfR9mBaoMo_rPFcFx2WZI_S-VoN22ya1ix2TnvSEBRsYHvkQis2PzfiTywgCVhHyy91PHHhjj6eKINvXFWEjeVpm34rYUC4MXriEdSr2gXNruGJDVscP_K0-sVmeBTrrtip3_UpVyCjlHB8dD5
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://rextester.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers
css
fonts.googleapis.com/ Frame D18B 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open%20Sans:700
Requested by
Host: cdn.advanseads.com
URL: https://cdn.advanseads.com/dnaFiles/js/jquery.min.js?v=1658206599699
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
61cecaa8485a309cd42c6ee9984a2fbc30a9e86c28f5942cc66770a73746656b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 19 Jul 2022 11:38:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Tue, 19 Jul 2022 12:56:26 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 19 Jul 2022 12:56:26 GMT
imp.png
count.advanseads.com/v6/ Frame D18B 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://count.advanseads.com/v6/imp.png?bt=01cd1149-8410-4cc4-b512-1499b73c839c&bv=&bi=0&df=4012&dr=%5B%22frpar14846_fr%22%5D&r=1658235385957&at=null&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zid=77194&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.203.71.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-203-71-44.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:26 GMT
content-type
text/html
5661252073499655472
delivery.advanseads.com/1.0/ Frame D18B 		520 B
520 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://delivery.advanseads.com/1.0/5661252073499655472
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.20.37.152 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-20-37-152.compute-1.amazonaws.com
Software
awselb/2.0 /
Resource Hash
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

date
Tue, 19 Jul 2022 12:56:26 GMT
server
awselb/2.0
content-length
520
content-type
text/html
60_f9b27c75-9aa9-48a6-8be4-517633a8ad26.jpg
cdn.advanseads.com/assets/comp/ Frame D18B 		69 KB
70 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.advanseads.com/assets/comp/60_f9b27c75-9aa9-48a6-8be4-517633a8ad26.jpg
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
344e49be2a4066e55d8eab5695ff832c899fa62acab428800d595cdab96a3ab4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:25 GMT
Via
1.1 3141f89cca62ae5784a211a8d1176d1c.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Thu, 30 Apr 2020 23:51:40 GMT
Server
AmazonS3
Age
706
ETag
"d7639cb5b1de2d88ed234c39d35f8674"
X-Cache
Hit from cloudfront
Content-Type
image/jpg
Cache-Control
max-age=3600
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
70856
X-Amz-Cf-Id
3tEzEhXDvNlQN40L0Mu_N0tfzOBmrXOtOOQjtnLcol-5e4S7pbBt9g==
5ea9e7c5d2ade2.51266691.png
cdn.advanseads.com/assets/ Frame D18B 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.advanseads.com/assets/5ea9e7c5d2ade2.51266691.png
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
47786e6e7844edd46b5b996a3d3f3b17a8d77d3de2ed89c67710d0a670e39b22

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:56:25 GMT
Via
1.1 b04a6cb0bde4a78c29099913e07f9056.cloudfront.net (CloudFront)
Connection
keep-alive
Last-Modified
Wed, 29 Apr 2020 20:47:02 GMT
Server
AmazonS3
Age
12
ETag
"fb28dc4a227cdfdc84c6c7bc6a8d441f"
X-Cache
Hit from cloudfront
Content-Type
image/png
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
Content-Length
1068
X-Amz-Cf-Id
2PVzrhmaTh1SRLYdRtzph59x87ATYAyuDegXXqD0r-U9-KsdMpffuQ==
hit.php
tracker.book-secure.com/ Frame D18B 		0
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.book-secure.com/hit.php?redir=null&typeredir=AcquisitionSJNDisplay&hotelnames=Fr-Jardins-d-Eiffel
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.240.34 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-240-34.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://delivery.advanseads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:26 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
P3P
CP="NOI DSP COR NID CUR OUR NOR STA"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
Keep-Alive
timeout=15, max=100
Content-Length
20
Expires
0
LiberationSans-Regular.ttf.ttf
cdn.advanseads.com/dnaFiles/fonts/red-hat-inc_liberation-sans/ Frame D18B 		0
0 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.advanseads.com/dnaFiles/fonts/red-hat-inc_liberation-sans/LiberationSans-Regular.ttf.ttf
Requested by
Host: delivery.advanseads.com
URL: https://delivery.advanseads.com/1.0/ifr.php?zid=77194&dt=2&cb=350976769&c=https%3A%2F%2Fams3-ib.adnxs.com%2Fclick%3FGi_dJAaBhT_QyyiWW1p9PwAAAIA9Crc_0MsolltafT8aL90kBoGFPzD94yjEzpBO6VWiO-bAkRn5qdZiAAAAAGMBHQHKIAAA6h8AAAIAAAAsR9UPmKoUAAAAAABVU0QAVVNEAHgAWAJrrgAAAAABAgUCAAAAAMwAJiS0SwAAAAA.%2Fbcr%3DAAAAAAAA8D8%3D%2Fcnd%3D%2521TxY9QgjUvc8VEKyO1X4YmNVSIAAoADGamZmZmZm5PzoJQU1TMzo2MTI2QOouSQAAAAAAAPA_UQAAAAAAAAAAWQAAAAAAAAAAYQAAAAAAANA_aQAAAAAAAAAAcQAAAAAAAAAAeACJAQAAAAAAAPA_%2Fcca%3DODE3MCNBTVMzOjYxMjY%3D%2Fbn%3D97033%2Fclickenc%3Dhttps%253A%252F%252Fadclick.g.doubleclick.net%252Fpcs%252Fclick%25253Fxai%25253DAKAOjst5GRDrx2BwE5MoZf-lPV-G1q_NCACAy28OaWmXPjS-JeRQjIY2hhgdDdRYQZHgVQJfgaZq1QjGIaf_t7UqNMAb1jvq2kvg4k66LlKfWO3la1La9tP_9d9Ik7zRhwRNwnth6uwDVbCft_STFL4gCk_obHKR2rURUXtBUyGqxznZrVTWIQ1S9u0KUbwbUFL0hJ5i5TEY9xrmQe1iVrR8l9ICO21pBrUfwasGOZ5YPwprJOPdhhELVPMy7j_yuMVEcitIqka_f8NiwvRzrqAc3HN7QShK1ObstY0632Pi8k-2gIE29wRehNOxXYXduwMT0Dpd7qmX-JC4gLFw%252526sai%25253DAMfl-YRQF-6b4wa2CBmiiPXVIHIlyxhnPpdtERqHDHWfKPlvgPiedr13tjcO6mmLgugtxi1ElHrjtWGB6OWDPw3To9eNGiHy6zpFfV0zFzed1T6WfxvEw0hx4GftkVQbBCk%252526sig%25253DCg0ArKJSzNDBXwpXjtxZEAE%252526fbs_aeid%25253D%25255Bgw_fbsaeid%25255D%252526urlfix%25253D1%252526adurl%25253D&i=5661252073499655472&&&cb=464456&adv_imp=32d1707c-2d70-4f47-bc65-5c16d5e2648a&gen_imp=true&adv_int_imp=ea2580e9-2807-419a-a471-a36423039597&zf=%7B%22property_code%22%3A%22frpar14846_%5BADV_LOCAL_LANG%5D%22%2C%22browser_lang%22%3A%22%5BADV_LOCAL_LANG%5D%22%7D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.32.121.95 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-121-95.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://delivery.advanseads.com/
Origin
https://delivery.advanseads.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Date
Tue, 19 Jul 2022 12:55:41 GMT
Via
1.1 1877c1d3c1c0435e896415d580d52c52.cloudfront.net (CloudFront)
Vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method
Age
51
X-Cache
Error from cloudfront
Connection
keep-alive
Content-Length
1253
Last-Modified
Thu, 02 Jun 2016 16:49:36 GMT
Server
AmazonS3
ETag
"7201fa7458511f11736f1fe4df97250b"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
text/html
Access-Control-Allow-Origin
*
Cache-Control
max-age=60
X-Amz-Cf-Pop
FRA60-P1
Accept-Ranges
bytes
X-Amz-Cf-Id
UA3_EU1vMGFQ02KskjzfMPfnAecMq0OE2aHzU2FatkBJ4LdMwE6Ang==
vevent
ams3-ib.adnxs.com/ Frame 6ABD 		0
888 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Frextester.com%2F&e=wqT_3QKnEPBMJwgAAAMA1gAFAQj509qWBhCw-o_HwtizyE4Y6auJ3eOc8MgZKjYJGi_dJAaBhT8R0MsolltafT8ZAAAAgD0Ktz8h0MsolltafT8pGi8JJNAxAAAAQOF6hD8w44L0CDjKQUDqP0gCUKyO1X5YmNVSYABo69yaAXiJ9gWAAQGKAQNVU0SSAQEG8ECYAXigAdgEqAEBsAEAuAECwAEFyAEC0AEA2AEA4AEA6gGQBWh0dHBzJTNBJTJGJTJGYWRjbGljay5nLmRvdWJsZQkOLG5ldCUyRnBjcyUyRgUSHCUyNTNGeGFpAQj0KwVEQUtBT2pzdDVHUkRyeDJCd0U1TW9aZi1sUFYtRzFxX05DQUNBeTI4T2FXbVhQalMtSmVSUWpJWTJoaGdkRGRSWVFaSGdWUUpmZ2FacTFRakdJYWZfdDdVcU5NQWIxanZxMmt2ZzRrNjZMbEtmV08zbGExTGE5dFBfOWQ5SWs3elJod1JOd250aDZ1d0RWYkNmdF9TVEZMNGdDa19vYkhLUjJyVVJVWHRCVXlHcXh6blpyVlRXSVExUzl1MEtVYndiVUZMMGhKNWk1VEVZOXhybVFlMWlWclI4bDlJQ08yMXBCclVmd2FzR09aNVlQd3BySk9QZGhoRUxWUE15N2pfeXVNVkVjaXRJcWthX2Y4Tml3dlJ6cnFBYzNITjdRU2hLMU9ic3RZMDYzMlBpOGstMmdJRTI5d1JlaE5PeFhZWGR1d01UMERwZDdxbVgtSkM0Z0xGdyUyNTI2c2FpJTI1M0RBTWZsLVlSUUYtNmI0d2EyQ0JtaWlQWFZJSElseXhoblBwZHRFUnFIREhXZktQbHZnUGllZHIxM3RqY082bW1MZ3VndHhpMUVsSHJqdFdHQjZPV0RQdzNUbzllTkdpSHk2enBGZlYwekZ6ZWQxVDZXZnh2RXcwaHg0R2Z0a1ZRYkJDayUyNTI2c2lnJTI1M0RDZzBBcktKU3pOREJYd3BYanR4WkVBRSUyNTI2ZmJzX2FlaWQlMjUzRCUyNTVCZ3dfZmJzYWVpZCUyNTVEJTI1MjZ1cmxmaXglMjUzRDElMjUyNmFkdXJsJTI1M0TwAQCKApUBdWYoJ2EnLCAyOTM3MTExLCAxNjU4MjM1Mzg1KTt1ZignaScsIDQ4MTQ5MjIsIDE2NTgyMzUzODUpO3VmKCdnJywgMTI2OTI1MTAsIDE2NTgyMzUzODUpO3VmKCdjJywgNDUzNDI0MjAsIDE2NTgyMzUzODUpO3VmKCdyJywgMjY1NjM1NjI4LCAxNjU4MjM1Mzg1KTuSAsUEIXRuRHVfQWpVdmM4VkVLeU8xWDRZQUNDWTFWSXdBRGdBUUFCSTZqOVE0NEwwQ0ZnQVlLRUJhQUJ3QUhnQWdBRUFpQUVBa0FFQm1BRUJvQUVCcUFFQnNBRUF1UUhIWGZuajBJQ0ZQOEVCeDEzNTQ5Q0FoVF9KQVFBQUFBQUFBUEFfMlFFQUFBQUFBQUR3UC1BQnl2Q2xBdlVCemN6TVBaZ0NBS0FDQWJVQ0FBQUFBTDBDQUFBQUFNQUNBTWdDQU5BQ0FOZ0NBT0FDQU9nQ0FQZ0NBSUFEQVpnREFhSURGd2pjeDhBVUVBSVlBUzBBQUFBQU1nZGtaV1poZFd4MHVnTUpRVTFUTXpvMk1USTI0QVBxTG9BRV9hN0VCSWdFemRmSUJKQUVBWmdFQWJvRUdnaUZCQkVBQUFBQUFBRFFQeGtBQUFBQUFBQUFBQ0NDeG9zT3dRUUFBQUFBQUFEUVA4a0VBQUFBQUFBQUFBRFlCQUR4QkFBQUFBQUFBQUFBaUFYdUw2a0ZBQUFBQUFBQThELXhCUUFBQUFBQUFBQUF3UVdhbVptWm1abTVQOGtGQUFBQVFBVGh1al9SQlFBQUFBQUFBQUFBMlFVQUFBQUFBQUR3UC1BRm1nandCWjdZaGdiNEJaZWlzd0dDQmdOVlUwU0lCZ0NRQmdHWUJnQ2hCcHFabVptWm1ia19xQVlFc2dZa0NRQUFBQUFBQUFBQUVRQUFBQUFBQUFBQUdRQUFBQUFBQUFBQUlRQUFBQUFBASmodUFZS5oClQEhVHhZOVFnalV2YzhWRUt5TzFYNFltTlZTSUFBb0FER2FtWgUCWDVQem9KUVUxVE16bzJNVEkyUU9vdVNRAUsYQUFBUEFfVREMDEFBQVcdDABZEQwMTkFfYREMDEFBQWMdDBBlQUNKQREQNFBBX9gCAOACn_A_6gIWxRnw7TovL3JleHRlc3Rlci5jb20vgAMAiAMBkAMAmAMZoAMBqgMAwAOsAsgDANgDzZmnAeADAOgDAPgDAYAEAJIEBC90dGqYBACiBA4xNzguMzMuMTQ0LjE3OagEALIEDAgAEAAYACAAMAA4ALgEAMAEAMgEANIEDjgxNzAjQU1TMzo2MTI22gQCCAHgBADwBKyO1X6IBQGYBQCgBf___________wHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AXcsBb6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AG6CnaBhYKEAAAAAAFNw0BAZtM4AYB8gYCCACABwGIBwCgBwG6Bw8BSAAYCbUwqy5AAMgHifYF0gcNCQ03BTgI2gcGCSdo4AcA6gcCCADwB7nbAooIAhAAlQgAAIA_mAgB&s=ca8a946d1fb247ee40cfbe0c1aa6e574039bd9f3&type=pv&jm=1140|1141|1003&px=0&py=0&bw=120&bh=600&sf=1&sid=5073356491954961361&vd=ct~0|rr~5&sv=224&tv=view7-1js&ua=chrome52&pl=win&x=v&tag_id=18678115&ft=3
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/224/trk.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.212 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:26 GMT
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
d7d9aaa1-4b74-4e6c-a554-e4baf0ae1f79
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
async_usersync
ib.adnxs.com/ Frame AF7B 		0
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels&seller_id=8394&pub_id=1070141&gdpr=0
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=8394&pub_id=1070141
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.5060.53 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Jul 2022 12:56:26 GMT
X-Proxy-Origin
178.33.144.179; 178.33.144.179; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
AN-X-Request-Uuid
828a1d42-a9cb-4289-aaf0-756715231017
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client

Verdicts & Comments Add Verdict or Comment

64 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation function| $ function| jQuery object| _gaq function| CodeMirror boolean| has_changes object| GlobalEditor function| Save function| RunClientSide function| RunNonCS number| total_runs function| Run object| _gat object| gaGlobal object| bsagpt object| bsaheaderbid object| googletag function| bsapbChunk object| bsapb object| _pbjsGlobals object| ADAGIO object| mnet string| nobidVersion object| nobid object| BSAOPTIMIZE_TARGETING object| BSAOPTIMIZE_targeting object| BSAS2S_TARGETING object| BSAS2S_targeting object| BSA_TARGETING object| bsa_targeting object| optimize object| bsas2s object| ggeac object| google_tag_data object| google_js_reporting_queue undefined| google_measure_js_timing object| Criteo object| sas object| apntag object| _ADAGIO string| mantis_uuid object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ONFOCUS object| criteo_syncframe_state object| criteo_pubtag object| criteo_pubtag_prebid_125 object| Criteo_prebid_125 object| google_image_requests

17 Cookies

Domain/Path Name / Value
.rextester.com/ Name: __utma
Value: 178476455.1619015751.1658235382.1658235382.1658235382.1
.rextester.com/ Name: __utmc
Value: 178476455
.rextester.com/ Name: __utmz
Value: 178476455.1658235382.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none)
.rextester.com/ Name: __utmt
Value: 1
.rextester.com/ Name: __utmb
Value: 178476455.1.10.1658235382
.rubiconproject.com/ Name: khaos
Value: L5S6J5VB-3-69XW
.rubiconproject.com/ Name: audit
Value: 1|SDziDG3X/EhvzfyzmaxIZMWxZQUMNpzzGXFcqoZw1m5dVR20EBVGH6i838eN4SYa3IPTGbnMv5BymPvo8pleP+bPGxj3zScZKb/MXuuoKek=
.adnxs.com/ Name: uuid2
Value: 1842465817646749161
.rextester.com/ Name: __gads
Value: ID=6faa7febf03297c9-222fda77d1cd00c5:T=1658235384:S=ALNI_MZ79PMqKG3GMBH68OIAdsQpiR1q0A
.rextester.com/ Name: __gpi
Value: UID=000008e6886fb570:T=1658235384:RT=1658235384:S=ALNI_MYoOrQ06zJ0AbjsbmkVLol39emAiA
.criteo.com/ Name: uid
Value: 3f78ec73-0e2f-4c1f-9841-30a79533c5a6
.rextester.com/ Name: cto_bundle
Value: YYiNzV92JTJGV1k4aVJCd1pMSW9JSyUyRkJHcGw4RjJiUWxncDNlUFAyN3NsJTJGZzA3V1cxSlJ0VWhyeVdmN054ZUMyV2dRU1VpOEFGV1NsbU9rSE9LWGM2NHZjWVY5UGt3NVRDZHU5ZlE5cXZVTUJMUjZCZ0QxWXF1RzhtaUNDQkhJMUZ3dEZNVWptUzNIMUhsQk13cElqcE12OEZSd0ElM0QlM0Q
.doubleclick.net/ Name: IDE
Value: AHWqTUldEsQ4LktL53WVrccZiDE0MzHP3WIIDbGmYz26RBwktxk4cRaJhyOkgHrwSI8
.adnxs.com/ Name: anj
Value: dTM7k!M4/8CxrEQF']wIg2Ilfv>?w=!]tbP6j2F-XstGt!@Da)$jl=A
.adnxs.com/ Name: icu
Value: ChgIvahBEAoYAiACKAIw-dPalgY4AkACSAIQ-dPalgYYAQ..
.advanseads.com/ Name: ADV-BCID
Value: a4d4de1c-961f-4555-9459-c8cfaed79f3a
.book-secure.com/ Name: FbTrackID
Value: 83eacc07fe5e56b3fc04da2cf9709362821aa68c

4 Console Messages

Source Level URL
Text
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 88)
Message:
Unrecognized feature: 'attribution-reporting'.
other warning URL: https://www.googletagservices.com/dcm/impl_v90.js(Line 100)
Message:
Origin trial controlled feature not enabled: 'attribution-reporting'.
network error URL: https://delivery.advanseads.com/1.0/5661252073499655472
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://cdn.advanseads.com/dnaFiles/fonts/red-hat-inc_liberation-sans/LiberationSans-Regular.ttf.ttf
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

198a39cd223c35b55b705ba11dffcc1f.safeframe.googlesyndication.com
acdn.adnxs.com
ad.doubleclick.net
ads.servenobid.com
adservice.google.com
adservice.google.fr
ams3-ib.adnxs.com
ap.lijit.com
beacon.sojern.com
bidder.criteo.com
c.4dex.io
cdn.adnxs.com
cdn.advanseads.com
cdn4.buysellads.net
choices.trustarc.com
choices.truste.com
count.advanseads.com
delivery.advanseads.com
fastlane.rubiconproject.com
fonts.googleapis.com
gum.criteo.com
hb-api.omnitagjs.com
hbopenbid.pubmatic.com
ib.adnxs.com
mantodea.mantisadnetwork.com
mp.4dex.io
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
prebid.media.net
rextester.com
script.4dex.io
secure.adnxs.com
securepubads.g.doubleclick.net
srv.buysellads.com
ssl.google-analytics.com
static.criteo.net
stats.g.doubleclick.net
tpc.googlesyndication.com
tracker.book-secure.com
www.google.com
www.google.fr
www.googletagservices.com
hbopenbid.pubmatic.com
107.178.244.119
13.32.121.11
13.32.121.93
13.32.121.95
142.250.186.102
167.99.117.8
172.217.18.2
178.250.0.157
178.250.0.165
185.255.84.151
185.89.210.212
185.89.210.90
23.35.236.188
2602:803:c003:200::31
2606:4700:20::681a:8a9
2606:4700::6812:272
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:801::2003
2a00:1450:4001:801::2008
2a00:1450:4001:80f::2004
2a00:1450:4001:810::2001
2a00:1450:4001:812::200a
2a00:1450:4001:827::2001
2a00:1450:4001:827::2002
2a00:1450:400c:c0c::9d
2a02:2638:1::3
2a02:2638::1c
34.107.148.139
35.241.34.106
51.89.9.254
52.18.240.34
52.20.37.152
52.203.71.44
54.146.39.184
54.77.185.238
72.251.249.13
92.204.4.78
94.31.29.32
0483ebf3723ce75faa24b3235f0012b52eacc864edb8ea70534a5389d4341c22
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d7c10c7f5c284f077d20152445721b08a04036628fe637e506ecb24036ace5b
0de50a799ee39bde80bfb0943ba85616975f5c71e0e746b49c27c5b0d1731ef6
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1fc15513886ad3f92fe98613537931ef9b0283ece47d6cc76d2ff6b6b67f4a76
252c29ef62b802327c45deee24d6928edb38c5a3369ccc4d29a54ae3b9584acb
2949815c9100abbd83905c82047450218f51598cf435500c05e9914b0fe25805
2a40641661b54c304ebe64ce944b1261fd061962a6f2b86558f3b3d98237ca0a
2c6e0f0e40ee0c2dba52532421f6978b2861deb34e9a8271aa3aa9b52fc4be5c
2e71574c6d39f4478d57c1a2ade15474de6ac9871f9fa4bd5e50ee00ddf4eb97
344e49be2a4066e55d8eab5695ff832c899fa62acab428800d595cdab96a3ab4
3cef1864f3b4a587c446729a5ee0eb8ae906ec76154e956b797e467c653d0024
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3ea3c755accaba5448c5d6a0414ae0cb437af0162726f382f66556c7b80152a0
405acb6023cedd16e88981069ad5e3b7f167e0cf350af425b3b1244b7706d662
47786e6e7844edd46b5b996a3d3f3b17a8d77d3de2ed89c67710d0a670e39b22
4b735eb18b944ca2d24de3f7c50e1789c0aa2586b1f955f88e45525b738ce392
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ed23eedcffab565677aac0e6a13aa69b5a86b9bbb154a2be0018f2d23a308df
5160f8e7cf65486d4ef7ac14e03e5f5ae69449527b99fe4ea4634bd829e9ef8f
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a2d04f132fe18a2606b62dc286539ffb92272fd2913574b4eac833c1f29aac4
5e5c9149be229df7c934f8cd1acf1b3cc9e04e29cbbe6cbe0e2d726e79930cff
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61cecaa8485a309cd42c6ee9984a2fbc30a9e86c28f5942cc66770a73746656b
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
66be27b692805dcb02d18017a446929b3b11181545457e2e72d0c02cf556db76
6c91463e24cbf9785b91af79d2f91d96d193d0f069be612101ad676528837b23
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1
70f7b6feaec4f65bae5e9eab6f60dbd1f08a96b90227a8559335e7be3d282a09
7ec93ed936c25021a5d9b2556bbe9368be98479a6f30155eb83783066cb920b0
89a6fec31829f46f8d5e017f4c8a82e48347794c88c9fdcd6cbbe33eaf436730
8b73b6ccd7091d6d9d23adaab2baae3c4abf6de06df8efdd03215ee9376fa035
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a57f7a6c76b43c6ae5f6c979dcd1e8cd360e06db5721d1b059bce60c3aa7ca9d
a5dc5a37429ab0c85d061812b6ae3bbffe1a77605ce106b162dc253abba9e51c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a8e91147663e766b9d516e4b7fd39f21685b1866829dd58595a997463a3d1b24
a9af85c75793307e7639f72812b5f35ff45721624d043a7be27441e02c1103cd
aa74ac2be95a86a2948154dcd3405057382f91522449b8f25db15f97ea4fb226
aafbe63767b52106445fc908e63387cf0c3064c6f9b9545d70b77b123f626cc6
acb5d519051cc13618e992a7df4bce6a980036dfbe2e17a970ec716194329f6a
ad6934160e7811f2b7311649cc072a9d0fab6e170b14270c02843b3c2317e5b6
ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910
add9f13f5a448474f76e5b841567592d87e885e46a781adbc65074b8c18ea1bf
b3c8a48d116a26a0f6f4266bc38c2e3df5971a53dc8cffae9c7edfe05081eb1a
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b6d1f6662fba6c649c4b906368c6c758a51a9ffc03639875681c3fc4ce2f8998
b912f9dcae358b9ef7e2d6b1f368eeabe05d17af890ff48ce0820e9facbc9fe7
ba6eda7945ab8d7e57b34cc5a3dd292fa2e4c60a5ced79236ecf1a9e0f0c2d32
c652cb3dcc3b49133285c42c49b296c3a3af4f9fceffde1022a6e3539e2422b1
c7eedac9d4f3c8319fe690798cfdf79fde72b6e88c72a1b5ed6e21677c90c4f1
c92051548889239b680f82ccf1dda41686b27dc53439d864e77424287dfa9c55
d06948024e81b1b23f475b4b37aa25f9127f3e49021bd1d9435ac5ab1cedbdd3
d50ae1c9b63b678c6cdaa47ec3338db2527874e314cf919606cbd542e25b2763
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f70b370debd085dd9e9fb6495c796cdccf41c44574cc185dbe124f3ea8237623
f9de4b0e49d54cdd7df64e629fa7506e808d18f53a681ae25d79888c6a77b7c5
fe7bd8cacf9680625b7da9649a92bee8ab705909190040bad2396b2d6ca9436e